956 matches found
Fedora 18 : ruby-1.9.3.448-31.fc18 (2013-12123)
A vulnerability was found in Ruby's SSL client that could allow man-in-the-middle attackers to spoof SSL servers via a valid certificate issued by a trusted certification authority. This vulnerability has been assigned the CVE identifier CVE-2013-4073. This new update should solve this issue. Note...
CentOS 4 : vixie-cron (CESA-2005:361)
An updated vixie-cron package that fixes various bugs and a security issue is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The vixie-cron package contains the Vixie version of cron. Cron is a standard UNIX daemon that runs specifie...
CVE-2013-4073 ruby: hostname check bypassing vulnerability in SSL client
The OpenSSL::SSL.verify_certificate_identity function in lib/openssl/ssl.rb in Ruby 1.8 before 1.8.7-p374, 1.9 before 1.9.3-p448, and 2.0 before 2.0.0-p247 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows...
CVE-2013-3970
Juniper Junos Pulse Secure Access Service (aka SSL VPN) with IVE OS 7.0r2 through 7.0r8 and 7.1r1 through 7.1r5 and Junos Pulse Access Control Service (aka UAC) with UAC OS 4.1r1 through 4.1r5 include a test Certification Authority (CA) certificate in the Trusted Server CAs list, which makes it easier...
Design/Logic Flaw
Juniper Junos Pulse Secure Access Service (aka SSL VPN) with IVE OS 7.0r2 through 7.0r8 and 7.1r1 through 7.1r5 and Junos Pulse Access Control Service (aka UAC) with UAC OS 4.1r1 through 4.1r5 include a test Certification Authority (CA) certificate in the Trusted Server CAs list, which makes it easier...
CVE-2013-3970
CVE-2013-3970 affects Juniper Junos Pulse Secure Access Service (SSL VPN) with IVE OS 7.0r2–7.0r8 and 7.1r1–7.1r5, and Junos Pulse Access Control Service (UAC) with UAC OS 4.1r1–4.1r5. The issue involves inadvertently including an internal/test CA certificate in the Trusted Server CAs list, which...
US Military approved iPhones and iPads for military networks
The US Department of Defense has cleared Apple's iPhone and iPad for use on its military networks, along with the Samsung Galaxy S4 and BlackBerry 10 devices, the agency said in a statement Friday. The entire DOD is much, much larger, of course, and mobile devices are increasing in importance for...
Fedora Update for openvpn FEDORA-2013-7531
Check for the version of openvpn. OpenVAS Vulnerability Test: Fedora Update for openvpn FEDORA-2013-7531. Authors: System Generated Check. Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software; you can redistribute it and/or modify it under the...
Mandriva Linux Security Advisory : java-1.6.0-openjdk (MDVSA-2013:014)
Multiple security issues were identified and fixed in OpenJDK (icedtea6):
- S8006446: Restrict MBeanServer access
- S8006777: Improve TLS handling of invalid messages
- S8007688: Blacklist known bad certificate
- S7123519: problems with certification path
- S8007393: Possible race condition after...
CVE-2012-5484
The client in FreeIPA 2.x and 3.x before 3.1.2 does not properly obtain the Certification Authority (CA) certificate from the server, which allows man-in-the-middle attackers to spoof a join procedure via a crafted certificate...
Design/Logic Flaw
The client in FreeIPA 2.x and 3.x before 3.1.2 does not properly obtain the Certification Authority (CA) certificate from the server, which allows man-in-the-middle attackers to spoof a join procedure via a crafted certificate...
CVE-2012-5484
The CVE-2012-5484 issue affects FreeIPA 2.x and 3.x prior to 3.1.2 where the client fails to correctly obtain the CA certificate from the server, enabling a man-in-the-middle during the join procedure via a crafted certificate. Connected advisories indicate mitigations implemented in IPA client u...
AIX 5.3 TL 10 : sendmail (IZ72836)
sendmail before 8.14.4 does not properly handle a '\0' character in a Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows...
Why I decided to uninstall Microsoft Security Essentials Antivirus?
Today I decided to remove Microsoft Security Essentials Antivirus from my system because Security Essentials failed another certification test by independent testing lab, AV-Test Institute. Microsoft's Security Essentials antivirus for Windows XP, Vista, and Windows 7 is a free add-on to Windows...
Debian DSA-2599-1 : nss - mis-issued intermediates
Google, Inc. discovered that the TurkTrust certification authority included in the Network Security Service libraries (nss) mis-issued two intermediate CAs which could be used to generate rogue end-entity certificates. This update explicitly distrusts those two intermediate CAs. The two existing...
[SECURITY] [DSA 2599-1] nss security update
Debian Security Advisory DSA-2599-1, http://www.debian.org/security/, Thijs Kinkhorst, January 06, 2013, http://www.debian.org/security/faq ...
Debian Security Advisory DSA 2599-1 (nss - mis-issued intermediates)
Google, Inc. discovered that the TurkTrust certification authority included in the Network Security Service libraries (nss) mis-issued two intermediate CAs which could be used to generate rogue end-entity certificates. This update explicitly distrusts those two intermediate CAs. The two existing...